AskBiz POS · AskBiz Ltd · Effective date: 16 June 2026 · Last updated: 16 June 2026
AskBiz POS (pos.askbiz.co) is a point-of-sale, inventory and logistics application operated by AskBiz Ltd (“AskBiz”, “we”, “us”). It is used by business owners to run sales, manage staff, track stock and coordinate deliveries.
The business owner is the data controller for the staff and customer personal data processed through their POS account — they decide what data is entered and why. AskBiz acts as the data processor, handling that data only to provide the service on the business owner’s instructions.
For data we collect directly to run our platform (account details, billing, security logs), AskBiz is the controller.
Contact: privacy@askbiz.co
Business owner / account data: Name, email, business type, country, and subscription details when an account is created.
Staff data: Staff names, roles, and PINs used to sign in to the POS. PINs are hashed (bcrypt) and never stored in plain text.
Customer data: Customer names and phone numbers (when provided for receipts or records), and the transaction history linked to them.
Transaction & inventory data: Products sold, quantities, prices, discounts, payment methods, timestamps, stock levels, and product details.
Photos & images: Camera images of products, barcodes, price tags, number plates, and vehicle inspections. Scan images are processed in real time — raw images are not retained on our servers; only the extracted data (e.g. product name, price, plate number) is kept.
Driver GPS / location data: If the logistics module is used, driver location and delivery routes are processed to track parcels and manage deliveries.
Technical data: Session information, device type, and security logs (e.g. failed login attempts) for fraud prevention.
Locally stored data: Your signed-in staff session is stored in your browser’s local storage (key pos_staff) so the POS keeps you logged in. Offline cash sales are also held locally until they sync.
| Processing activity | Lawful basis | GDPR |
|---|---|---|
| Running the POS service for the business | Contract performance | Art. 6(1)(b) |
| Processing customer & transaction records | Controller (business) instruction | Art. 28 |
| Sending receipts to customers | Customer consent | Art. 6(1)(a) |
| Camera / number-plate scanning | Contract performance | Art. 6(1)(b) |
| Driver GPS & delivery tracking | Contract performance | Art. 6(1)(b) |
| Fraud prevention & security logs | Legitimate interest | Art. 6(1)(f) |
| Payment processing | Contract performance | Art. 6(1)(b) |
| Data type | Retention |
|---|---|
| Transaction & inventory history | Retained for accounting/tax compliance (typically 7 years); exportable or deletable on request |
| Customer phone numbers | 30 days, then automatically deleted |
| Staff PIN records | Hashed; failed-login logs kept 90 days then deleted |
| Camera scan images | Not stored — processed in real time only |
| Number-plate & vehicle inspection photos | 6 months |
| Logistics & delivery / GPS data | 12 months after delivery completion |
| Locally stored session (pos_staff) | Cleared on sign-out / browser clear |
| Offline sale data | Until synced to server, then cleared locally |
You have the right to access, correct, delete, restrict, port, and object to the processing of your personal data, and to withdraw consent at any time. These satisfy EU/UK GDPR and most other applicable privacy laws.
If you are a customer or staff member of a business that uses AskBiz POS, that business is the data controller. To access or erase your data, contact the business owner directly — they decide what data is held and can action your request in the POS.
AskBiz (as processor) will support any controller in fulfilling these requests, and will action requests relating to data we control (such as account or billing data). Email privacy@askbiz.co and we respond within 30 days.
You may also lodge a complaint with your local data protection authority.
We use the following sub-processors, each bound by a data processing agreement and appropriate transfer safeguards (Standard Contractual Clauses where data leaves the EU/UK):
We never sell your data and never share it with advertisers.
We protect data using encrypted connections (TLS), bcrypt-hashed staff PINs, row-level security on our database, and scoped access controls. If a breach occurs that is likely to risk your rights, we notify the relevant authority within 72 hours and affected users without undue delay. Report security concerns to security@askbiz.co.
The POS uses minimal essential storage, plus Google Analytics once you consent to it in the cookie banner — it does not run advertising cookies. See our Cookie Policy for full detail.
We will notify business owners of any material changes to this policy before they take effect. Continued use of AskBiz POS after changes constitutes acceptance.